Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Continue Reading Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Microsoft April 2020 Security Updates (with fixes for 2 zero-days)

Microsoft released the April 2020 Security Updates that includes 113 unique vulnerability fixes, 18 of those rated critical. The updates also include patches for two Adobe Font Manager zero day vulnerabilities disclosed in March.

Continue Reading Microsoft April 2020 Security Updates (with fixes for 2 zero-days)